Symantec
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
www.DirectCertify.com IT Certification Exams PDF<br />
<strong>Symantec</strong><br />
ST0-134<br />
<strong>Symantec</strong> EndPoint Protection 12.1 Tcehnical Assessment<br />
Edition = DEMO<br />
Full Version Features:<br />
90 Days Free Updates<br />
30 Days Money Back Guarantee<br />
Instant Download Once Purchased<br />
24 Hours Live Chat Support<br />
Full version is available at link below with affordable price.<br />
http://www.directcertify.com/ST0-134.html<br />
http://www.directcertify.com/ST0-134.html<br />
Page | 1
www.DirectCertify.com IT Certification Exams PDF<br />
Question: 1<br />
Which <strong>Symantec</strong> Endpoint Protection 12.1 protection technology provides the primary protection layers against<br />
zero-day network attacks?<br />
A. SONAR<br />
B. Client Firewall<br />
C. Intrusion Prevention<br />
D. System Lockdown<br />
Question: 2<br />
Answer: C<br />
According to <strong>Symantec</strong>, what is a botnet?<br />
A. systems infected with the same virus strain<br />
B. groups of systems performing remote tasks without the users' knowledge<br />
C. groups of computers configured to steal credit card records<br />
D. compromised systems opening communication to an IRC channel<br />
Question: 3<br />
Answer: B<br />
A financial company has a security policy that prevents banking system workstations from connecting to the internet.<br />
Which <strong>Symantec</strong> Endpoint Protection 12.1 protection technology will be prevented from working on the company's<br />
workstations?<br />
A. Insight<br />
B. Application and Device Control<br />
C. Network Threat Protection<br />
D. LiveUpdate<br />
Question: 4<br />
Answer: A<br />
In addition to performance improvements, which two benefits does Insight provide? (Select two.)<br />
A. reputation scoring for documents<br />
B. zero-day threat detection<br />
C. protection against system file modifications<br />
D. false positive mitigation<br />
E. blocking of malicious websites<br />
http://www.directcertify.com/ST0-134.html<br />
Page | 2
www.DirectCertify.com IT Certification Exams PDF<br />
Question: 5<br />
Answer: BD<br />
How does the Intrusion Prevention System add an additional layer of protection to Network Threat Protection?<br />
A. It inspects the TCP packet headers and tracks the sequence number.<br />
B. It performs deep packet inspection, reading the packet headers, and data portion.<br />
C. It examines TCP/IP traffic from the application and traces the source of the traffic.<br />
D. It monitors IP datagrams for abnormalities.<br />
Question: 6<br />
Answer: B<br />
The fake antivirus family "PC scout" infects systems with a similar method regardless of its variant.<br />
Which SONAR sub-feature can block new variants of the same family, based on sequence of events?<br />
A. artificial intelligence<br />
B. behavioral heuristic<br />
C. human authored signatures<br />
D. behavioral policy lockdown<br />
Question: 7<br />
Answer: C<br />
Drive-by downloads are a common vector of infections. Some of these attacks use encryption to bypass traditional<br />
defense mechanisms.<br />
Which <strong>Symantec</strong> Endpoint Protection 12.1 protection technology blocks such obfuscated attacks?<br />
A. SONAR<br />
B. Bloodhound heuristic virus detection<br />
C. Client Firewall<br />
D. Browser Intrusion Prevention<br />
Question: 8<br />
Answer: D<br />
Which <strong>Symantec</strong> Endpoint Protection 12.1 defense mechanism provides protection against worms like<br />
W32.Silly.FDC, which propagate from system to system through the use of autorun.inf files?<br />
A. Application Control<br />
B. SONAR<br />
C. Client Firewall<br />
D. Exceptions<br />
http://www.directcertify.com/ST0-134.html<br />
Page | 3
www.DirectCertify.com IT Certification Exams PDF<br />
Question: 9<br />
Answer: A<br />
A company is experiencing a malware outbreak. The company deploys <strong>Symantec</strong> Endpoint Protection 12.1, with only<br />
Virus and Spyware Protection, Application and Device Control, and Intrusion Prevention technologies.<br />
Why would Intrusion Prevention be unable to block all communications from an attacking host?<br />
A. Intrusion Prevention needs the firewall component to block all traffic from the attacking host.<br />
B. Intrusion Prevention blocks the attack only if the administrator wrote a signature for it.<br />
C. Intrusion Prevention definitions are out-of-date.<br />
D. Intrusion Prevention is set to log only.<br />
Question: 10<br />
Answer: A<br />
Which <strong>Symantec</strong> Endpoint Protection 12.1 component uses reputation to evaluate a file?<br />
A. Shared Insight Cache server<br />
B. <strong>Symantec</strong> Endpoint Protection client<br />
C. <strong>Symantec</strong> Endpoint Protection Manager<br />
D. LiveUpdate Administrator server<br />
Question: 11<br />
Answer: B<br />
Which <strong>Symantec</strong> Endpoint Protection 12.1 component provides services to improve the performance of virtual client<br />
scanning?<br />
A. Shared Insight Cache server<br />
B. LiveUpdate Administrator server<br />
C. <strong>Symantec</strong> Protection Center<br />
D. Group Update Provider<br />
Question: 12<br />
Answer: A<br />
How many <strong>Symantec</strong> Endpoint Protection Managers can be connected to an embedded database?<br />
A. 1<br />
B. 2<br />
C. 5<br />
D. 10<br />
http://www.directcertify.com/ST0-134.html<br />
Page | 4
www.DirectCertify.com IT Certification Exams PDF<br />
Question: 13<br />
Answer: A<br />
Which component is required in order to run <strong>Symantec</strong> Endpoint Protection 12.1 protection technologies?<br />
A. <strong>Symantec</strong> Endpoint Protection Manager<br />
B. <strong>Symantec</strong> Endpoint Protection client<br />
C. LiveUpdate Administrator server<br />
D. <strong>Symantec</strong> Protection Center<br />
Question: 14<br />
Answer: B<br />
Which <strong>Symantec</strong> Endpoint Protection 12.1 component provides single-sign-on to the <strong>Symantec</strong> Endpoint Protection<br />
Manager and other products, along with cross-product reporting?<br />
A. <strong>Symantec</strong> Reporting server<br />
B. <strong>Symantec</strong> Security Information Manager<br />
C. IT Analytics<br />
D. <strong>Symantec</strong> Protection Center<br />
Question: 15<br />
Answer: D<br />
Which <strong>Symantec</strong> Endpoint Protection 12.1 component uses Sybase SQL Anywhere?<br />
A. <strong>Symantec</strong> Endpoint Protection Manager embedded database<br />
B. <strong>Symantec</strong> Endpoint Protection Manager remote database<br />
C. LiveUpdate Administrator server<br />
D. Shared Insight Cache server<br />
Answer: A<br />
http://www.directcertify.com/ST0-134.html<br />
Page | 5
www.DirectCertify.com IT Certification Exams PDF<br />
Full version is available at link below with affordable price.<br />
http://www.directcertify.com/ST0-134.html<br />
15% Discount Coupon Code: D39Z55X994<br />
Full Product Includes.<br />
http://www.directcertify.com/ST0-134.html<br />
Page | 6